It's very possible after a few beers that I'm not thinking straight, so I
won't linger on the point, but what is that wild card mask doing?

0.0.6.255

00000110 11111111

Won't this work for all the odd subnets within the specified range
(192.168.1.0, 192.168.3.0 ... 192.168.7.0)?

If it's still allowed...Are non contiguous wild card masks still allowed?
Dunno.. I seem to remember hearing they weren't any more.

Gaz

"Adams Josh" wrote in message news:[EMAIL PROTECTED]...
> If you are trying to limit access on connections to the vty lines then you
> should use a standard access list.
> Your config will look like the following:
>
> access-list 1 permit 192.168.1.0 0.0.6.255
> line vty 0 4
> transport input telnet
> access-class 1 in
>
>
> If you are trying to limit access for telnet sessions originating from your
> router connecting to other devices; then your config will look like this:
>
> access-list 1 permit 192.168.1.0 0.0.6.255
> access-list 1 permit 192.168.1.0 0.0.6.255
> line vty 0 4
> transport input telnet
> transport output telnet
> access-class 1 out
>
> The reasoning here is that you don't need to go so far as to specify the
> transport protocol with an extended ACL when you can simply disable all
> other transport types on your VTYs and have fewer ACL headaches.
>
> You can combine these techniques to limit telnet sessions both inbound and
> outbound, but be careful not to "lock your keys in the car"!




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=45773&t=45585
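
An added example, not part of the original thread: a Python check that expands the quoted entry `192.168.1.0 0.0.6.255` into the /24 subnets it covers, useful for auditing what a vty access-class really permits. The function names are hypothetical; only the address and wildcard come from the quoted config.

```python
import ipaddress

def to_int(dotted):
    return int(ipaddress.IPv4Address(dotted))

def acl_matches(base, wildcard, candidate):
    """Wildcard logic: bits set in the wildcard are "don't care";
    every other bit of the candidate must equal the base address."""
    care = ~to_int(wildcard) & 0xFFFFFFFF
    return (to_int(candidate) & care) == (to_int(base) & care)

def is_contiguous(wildcard):
    """True if the wildcard is the inverse of an ordinary subnet mask,
    i.e. its set bits form one run ending at the least significant bit."""
    w = to_int(wildcard)
    return (w & (w + 1)) == 0

def matched_subnets(base, wildcard, prefix=24):
    """List the /prefix networks the entry covers by expanding every
    combination of don't-care bits above the prefix boundary."""
    host_bits = 32 - prefix
    w = to_int(wildcard)
    host_mask = (1 << host_bits) - 1
    # Host bits must be fully wild, otherwise whole subnets are not matched.
    if w & host_mask != host_mask:
        raise ValueError("wildcard does not cover whole /%d subnets" % prefix)
    fixed = to_int(base) & ~w & 0xFFFFFFFF
    wild_positions = [b for b in range(host_bits, 32) if (w >> b) & 1]
    nets = []
    for combo in range(1 << len(wild_positions)):
        addr = fixed
        for i, bit in enumerate(wild_positions):
            if (combo >> i) & 1:
                addr |= 1 << bit
        nets.append(ipaddress.IPv4Network((addr, prefix)))
    return [str(n) for n in sorted(nets)]

if __name__ == "__main__":
    base, wc = "192.168.1.0", "0.0.6.255"   # entry from the quoted config
    print("contiguous wildcard:", is_contiguous(wc))
    for net in matched_subnets(base, wc):
        print("permits", net)
    # Constructed sample source addresses to test against the entry.
    for src in ("192.168.2.10", "192.168.5.200", "192.168.9.1"):
        print(src, "->", "permit" if acl_matches(base, wc, src) else "no match")
```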